Security update to 4.2.10.1

   - XSS vulnerabilities in SQL debug output and server monitor page.

Advisory:	http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
Release Notes:	http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.10.1/phpMyAdmin-4.2.10.1-notes.html/view

Security:	25b78f04-59c8-11e4-b711-6805ca0b3d42
Approved by:	portmgr (erwin)

- Update asterisk to 1.8.31.1
- Update asterisk11 to 11.13.1

Security:	76c7a0f5-5928-11e4-adc7-001999f8d30b

Approved by:	portmgr (erwin)

www/chromium: fix input of accented keys, bump PORTREVISION.

PR:		193725
Submitted by:	Miguel Clara <miguelmclara@gmail.com>
Patch by:	Tomek <tomek@apostata.org>
Approved by:	ports-secteam (rea)

www/chromium: re-enable test targets (currently broken though)

Approved by:	portmgr (erwin)

www/chromium
- Update to 38.0.2125.104 (bugfix release)
- Drop patch which should be fixed in general by
    https://chromium.googlesource.com/chromium/src/+/084505067895ea2a789b2dc1e033182bc0a0286c%5E%21/#F0

Approved by:	portmgr (erwin)

japanese/mh: multiple fixes

- Add japanese man pages
- Don't setuid/setgid to binaries
- Use BSD_INSTALL_LIB instead of cp
- Remove @dirrm

PR:		194352
Submitted by:	Watanabe Kazuhiro <CQG00620@nifty.ne.jp>
Approved by:	mentors (implicit)

patch-parser.c:
 Replace allready applied patch with new patch from upstream to unbreak the
 xmlcatalog command.
patch-uri.c:
Revert uri.c commit that causes the document chain to fail.

Reported by:	antoine@
Tested by:	bapt@
Approved by:	portmgr (bapt@)

Update to 2.9.2.

This release fixes CVE-2014-3660 (DoS).

Security:	0642b064-56c4-11e4-8b87-bcaec565249c
Approved by:	portmgr (bapt@)

- Un-break build for non-standard OPTION VCHKPW

PR:		193851
Submitted by:	uffe@uffe.org (maintainer)
Approved by:	portmgr (zi)

Fix packaging

Fix plist with NLS
While here sort plist

PR:		194444

- Fix build

- Update to 2.3.3

- Update to upstream version 2014.1.933132

PR:		193618
Submitted by:	gordon@FreeBSD.org (maintainer)

Mark BROKEN: Fails to build

with gcc:
/bin/sh ../../libtool  --tag=CC   --mode=compile cc -DHAVE_CONFIG_H -I. -I../../include  -I../../include -I/usr/local/include -D_REENTRANT -D_THREAD_SAFE -DDEBUG=1 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wpointer-arith -D_THREAD_SAFE -pthread -O2 -pipe -fno-strict-aliasing -I/usr/include -Wdeclaration-after-statement -MT threadsafe.lo -MD -MP -MF .deps/threadsafe.Tpo -c -o threadsafe.lo threadsafe.c
libtool: compile:  cc -DHAVE_CONFIG_H -I. -I../../include -I../../include -I/usr/local/include -D_REENTRANT -D_THREAD_SAFE -DDEBUG=1 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wpointer-arith -D_THREAD_SAFE -pthread -O2 -pipe -fno-strict-aliasing -I/usr/include -Wdeclaration-after-statement -MT threadsafe.lo -MD -MP -MF .deps/threadsafe.Tpo -c threadsafe.c  -fPIC -DPIC -o .libs/threadsafe.o
In file included from threadsafe.c:84:
../../include/freetds/tds.h:149: warning: function declaration isn't a prototype
../../include/freetds/tds.h:149: error: bit-field '__res_state' has invalid type
Makefile:439: recipe for target 'threadsafe.lo' failed

with clang:
/bin/sh ../../libtool  --tag=CC   --mode=compile cc -DHAVE_CONFIG_H -I. -I../../include  -I../../include -I/usr/local/include -D_REENTRANT -D_THREAD_SAFE -DDEBUG=1 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wpointer-arith -D_THREAD_SAFE -pthread -O2 -pipe  -fno-strict-aliasing -I/usr/include -Wdeclaration-after-statement -MT threadsafe.lo -MD -MP -MF .deps/threadsafe.Tpo -c -o threadsafe.lo threadsafe.c
libtool: compile:  cc -DHAVE_CONFIG_H -I. -I../../include -I../../include -I/usr/local/include -D_REENTRANT -D_THREAD_SAFE -DDEBUG=1 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wpointer-arith -D_THREAD_SAFE -pthread -O2 -pipe -fno-strict-aliasing -I/usr/include -Wdeclaration-after-statement -MT threadsafe.lo -MD -MP -MF .deps/threadsafe.Tpo -c threadsafe.c  -fPIC -DPIC -o .libs/threadsafe.o
In file included from threadsafe.c:84:
../../include/freetds/tds.h:149:16: error: bit-field '__res_state' has non-integral type 'TDS_USMALLINT (*())'
        TDS_USMALLINT _res:10;
                      ^    ~~
/usr/include/resolv.h:282:16: note: expanded from macro '_res'
#define _res (*__res_state())
               ^
1 error generated.
Makefile:439: recipe for target 'threadsafe.lo' failed

Reported by:	pkg-fallout

Ignore on the package builders when the default version of python is different
from the requested one

Reported by:	pkg-fallout

Unbreak seamonkey-i18n

With hat:	portmgr

Fix harder

PR:		194205

Fix plist

PR:		194205
Pointyhat to:	bapt

Update to 7.32

Security:	6f825fa4-5560-11e4-a4c3-00a0986f28c4
Approved by:	portmgr

- Update SeaMonkey to 2.30
- Disable SSL 3.0 with pref (Upstream bug 1076983)
- Apply r368080 to seamonkey-i18n
- Kill @dirrm from gecko@ ports per CHANGES from 20140922

PR:		194356
Submitted by:	Jan Beich
Security:	http://www.vuxml.org/freebsd/9c1495ac-8d8c-4789-a0f3-8ca6b476619c.html
Approved by:	ports-secteam (rea)

devel/matreshka: Fix build on i386 platforms

The author of matreshka informed me that GPRBuild 2014 has a bug in
it that suppresses flags like -msse2 and -march.  It's been fixed in the
Pro version, but not the GPL version.  He worked around the bug instead,
and this commit brings in the essential part of that workaround.  The
GPRBuild bug prevented Matreshka from building on i386 on all releases
and all platforms.

While here, remove @dirrm from pkg-plist, strip the installed libraries,
convert to USES=pgsql and tighten the makefile up a bit.

Approved by:	portmgr

- Update Firefox to 33.0
- Update Firefox ESR to 31.2.0
- Update NSS to 3.17.2
- Update Thunderbird to 31.2.0
- Update libxul to 31.2.0 (and mark as BROKEN)
- Disable SSL 3.0 with pref (Upstream bug 1076983)
- (workaround) replace USE_GCC=yes with USES=compiler:gcc-c++11-lib in
  order to fix runtime for PGO and powerpc/powerpc64 on libc++ systems
- Add OSS audio fallback for HTML5 audio from upstream bug;
  not exposed yet because WebRTC still needs ALSA or PulseAudio
- Kill @dirrm from gecko@ ports per CHANGES from 20140922
- Drop workaround for LLVM PR 19007: base and lang/clang34 have the fix
- Improve workaround comment for LLVM PR 15840, partially rejecting
  r348851 by marino@ until bug 193555

PR:		194356
Submitted by:	Jan Beich
Security:	http://www.vuxml.org/freebsd/9c1495ac-8d8c-4789-a0f3-8ca6b476619c.html

Update to 1.8.11p1

PR:		194259
Submitted by:	cy@ and Yasuhiro KIMURA <yasu@utahime.org>

- Fix regex to match all sshd auth errors

PR:		194382
Submitted by:	ronald-lists@klop.ws
Approved by:	portmgr

- Fix rule reset time on arm

PR:		194381
Submitted by:	ronald-lists@klop.ws
Approved by:	portmgr

www/chromium: desupport SSLv3.0, taken from upstream GIT repository.

While here really fix the desktop icon.

Bump PORTREVISION
Obtained from:	https://chromium.googlesource.com/chromium/src/+/701bb044ac5ad4f1572e86b83a673cc49383efb4
Obtained from:	https://chromium.googlesource.com/chromium/src/+/32352ad08ee673a4d43e8593ce988b224f6482d3
Security:	CVE-2014-3566 ("Poodle")
Approved by:	portmgr (bdrewery)

- update to version 4.4.6
- adopt new pkg-plist style

Approved by:	portmgr (mat)

- update to version 4.4.6
- adopt new pkg-plist style

Submitted by:	tota

Approved by:	portmgr (mat)

- fix build with apache24
- fix build with subversion 1.8.x

PR:		193536
Submitted by:	ohauer
Approved by:	Vick Khera (maintainer)
Obtained from:	https://bitbucket.org/atlassian/cwdapache/pull-request/18/added-apache-24-compatibility-and-fixed/diff [2]

[1] fix shaped and tested by Vick Khera
[2] based on

Approved by:	portmgr (mat)

Update to 1.01j.

Security:	vuxml 03175e62-5494-11e4-9cc1-bc5ff4fb5e7b
Security:	CVE-2014-3513
Security:	CVE-2014-3566
Security:	CVE-2014-3567
Security:	CVE-2014-3568
Approved by:	ports-secteam

- Allow svnup to work with TLS; SSLv3 is being disabled due to POODLE.

PR:		194241
Submitted by:	spil.oss@gmail.com
Obtained from:	Merged in upstream

Fix build on head and 10.1

Fixing 'fetch' and unbreak.

Note: the author confirm that the recent changes to the source archive
was just adding a COPYING file
<http://rutschle.net/pipermail/sslh/2014-October/000550.html>.

PR:		ports/194134
Submitted by:	maintainer

Update to 4.3.30

Note my intentions with OVERWRITE_BASE

- Mark OVERWRITE_BASE and security/openssh-portable-base as DEPRECATED.
  These will be removed on January 1 2015.

  Really ports should not be touching the base system at all.

  This option is a big foot-shoot problem:

  1. Recent versions of FreeBSD such as 9.3, 10.0, 10.1+, now remove all ssh
     files from /usr if you 'make delete-old' with WITHOUT_SSH. This results in
     removing the overwrite base files.
  2. Uninstalling the package leaves the system with no ssh.
  3. Running installworld without WITHOUT_SSH results in overwriting the
     package, or giving false-positive 'pkg check -s' errors.
  4. The port fails to pass QA checks because it removes system files.

- Add dependency back for ruby-bdb for Ruby 2.0.

PR:		188084
PR:		185523

- Update to 2.4.13
- Update plist for pkg-1.3
- Remove pkg-message as ALT_PKGDEP has not worked properly since 2008.
  See https://github.com/freebsd/portupgrade/issues/61

Changes:
  * portinstall/upgrade -P[P] now supported with pkgng
  * pkg_fetch now supports pkgng
  * Fixed pkg-1.3 delete support to not recurse
  * Fixed portupgrade -b support with pkgng
  * Improved portsclean performance with pkgng (#59)
  * Use service(8) for rc script restarting
  * Show command executions with PORTUPGRADE_DEBUG in environment
  * Deprecate rc script handling in lieu of pkg's HANDLE_RC_SCRIPTS in pkg.conf

- Plist fixes. No need for @exec and use @sample.